Cost Effective Cyber Security
Chaeho Lim
skscogh@naver.com
Abstracts 1
• Target : CIA(Confidentiality, Integrity, Availability)
• 2 Major Cyber Security Controls
• Protect Data Breach & Service Down
• No Software Vulnerability and Abusing
• No Web Apps Attacks and APT Malware Attacks
• General Security Control Measure Enhancement
• Set Up Security Controls 10 - 20 at least
• Excellent Tools and Persons and Well Trained and Educated
• Real Time Security Risk Management
• With Cloud Computing
2020-08-25 Cost-Effective Cyber Security Strategy 2
[Figure: Client - Server Internet. Labels: Request, Respond, Exploit, Vulnerable]
Abstracts 2
▪ Data Breach : 3.86 M USD
• 524 Incidents, 17 Countries and Industries
• Malware Attacks 52% : Account(19%), Cloud(19%), SW(16%), Phishing(14%)
▪ Major Security Control Up : Down to 2 M USD
• Web APPS : Bit Scanner 100%
• TCP/IP Web Detect, Internet, Mobile, IoT
• Crawling, Attack Simulation, Recovery Codes
• OWASP : SAST 82%, DAST : Real Attacks(No Guarantee)
• APT Malware : PCDS & HIDS
• PCDS : currently 200,000 Black List entries and Update (Regex Analysis)
• HIDS : Real Time Abusing Detect on each PC (Reverse Engineering)
1. Cost of a Data Breach Report https://www.ibm.com/security/data-breach
2. https://www.ptsecurity.com/ww-en/analytics/web-vulnerabilities-2020/
Contents
1. Data Protection
2. Major Security Items
• Web Apps Vulnerabilities
• APT Malware Abusing
• Penetration Test
3. Cyber Security Controls
• Set Up Security Controls
• Security Control Data Gathering and Analyzing
4. Cost Benefit Analysis
5. Conclusion
Add 1: Security Professionals
Add 2:
1. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf
[Figure: Risk Management. Labels: Risk Intelligence, Risk Event/Data, Business Analyzing]
Data Protection
1. https://www.slideshare.net/DataReportal/digital-2020-global-digital-overview-january-2020-v01-226017535/8-9JAN2020SOURCES_POPULATION_UNITED_NATIONS_LOCAL
2. https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
3. https://1c7fab3im83f5gqiow2qqs2k-wpengine.netdna-ssl.com/2015-wp/wp-content/uploads/2017/10/2017-Cybercrime-Report.pdf
▪ Digital Internet Economy, 4.5 B Internet Users(59%)
▪ Data Breach Incident : Privacy, intellectual property
• Adobe, eBay, Equifax, Heartland Payment Systems, LinkedIn, Marriott International, Yahoo
▪ Cyber Terror : Service Down Attacks by North Korea
• 320 Cyber Terror, 77 DDoS, 125 Terror
▪ More Internet Attack Space and Criminals
• Web, Mobile and IoT Sensors
• China, North Korea, Russia
• Cyber Crime : 6 Trillion
Data Protection
1. https://www.ibm.com/security/data-breach
▪ Cost 3.86 MD from 524 Data Breach Incidents
▪ Health Care Industry, 280 Days to Detect
• 150 USD cost/record
• Security Controls Problem ; Technical Issues : 52%(Web, APT/Phishing)
Attack 52%
System 25%
Person 23%
China CERT Security Vulnerability Trends (Boan News)
2 Major Security Controls 1
1. 해킹의 비밀을 푸는 KEY 15, http://www.yes24.com/Product/Goods/8358065
2. Advanced Persistent Threats: A Decade in Review, https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2011/C5_APT_ADecadeInReview.pdf
3. https://content.fireeye.com/apt/rpt-apt38
▪ Pen Test via Contract Company
▪ Find Web Apps Vulnerability
▪ RAT Attack
▪ Data Breach – Intellectual Property
▪ Attack to Main Company
[Figure labels: Bank Penetration Test, APT Malware, Penetration Test, Company Penetration Test, Web Apps]
▪ Prepare APT Malware Code
▪ Edit RAT Tools, Consult Virus Total
▪ Email Using Social Engineering
▪ Bypass ASS
▪ 30- 40 Victim PC, DB Manager
▪ Critical Issues in AVS
2 Major Security Controls 2
1. https://1c7fab3im83f5gqiow2qqs2k-wpengine.netdna-ssl.com/2015-wp/wp-content/uploads/2017/10/2017-Cybercrime-Report.pdf
• Need Security Controls “Daily”
• Web Apps Vulnerability Scan, APT Malware Scan
• Web : 1.5 Billion Web Sites
• Software : 1,100 B New Codes
• Contents : 2020, 96 Zettabytes
• Dark Web : Dark Web Crime Services
There are 111 billion lines of new software code being produced each year — which introduces a massive number of vulnerabilities that can be exploited.
Web Apps Security 1
1. https://cwe.mitre.org/top25/archive/2020/2020_cwe_top25.html
2. http://www.opennaru.com/opennaru-blog/owasp-zap-devops-and-security/
3. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
Web Apps Security 2
1. https://www.dhs.gov/science-and-technology/news/2019/11/26/snapshot-top-25-most-dangerous-software-errors
2. 위험관리 기반의 비용 효율적인 실시간 웹 애플리케이션 소프트웨어 보안취약점 테스팅, http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
▪ From smartphone games and personal email accounts to international banking and hospital records, software is everywhere. It entertains, boosts efficiency, and even saves lives. Unfortunately, for every new program developed, there is likely a hacker ready to disrupt and exploit it. That’s why it is vital for software designers, developers, and cybersecurity experts to keep apprised of potential weaknesses that could cause substantial damage to their computer systems. – DHS
▪ Korea made a model that considers all program vulnerabilities linked in TCP/IP HTTP Web communication with the Client Server Internet
• Web HTTP with Web, Mobile and IoT
• There are exploit codes in Client to attack vulnerable server
• Using attack simulation in HTTP
• OWASP Tools Try SAST(82%), DAST(No Web Service Guarantee)
• SDLC & DevOps Model
Web Apps Security 3
1. https://www.dailysecu.com/news/articleView.html?idxno=1308
2. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
3. https://www.ptsecurity.com/ww-en/analytics/web-vulnerabilities-2020/
▪ “Similar services exist in Japan. But in the end, the reason I chose Korean tools was because of two advantages.” “First, it was too powerful compared to other services in terms of speed. As a result of testing on several company sites, the light scan service was completed in 8 minutes that other companies' products took more than 8 hours. Another advantage is that it does not damage the website at all while checking quickly.” -Director Masaharu Shirasugi, IWI Group, Japan
▪ 50 times the speed (OWASP 8 hours, Light Scan Co., Ltd. 8 minutes)
▪ SDLC vs DevOps framework
▪ Server Programs can be Revised any Time
▪ OWASP tools : SAST 82%
Web Apps Security 4
[Figure: Crawl, Attack Simulation, Structure Analysis, Report]
1. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
APT Malware Detection 1
1. https://us-cert.cisa.gov/northkorea
2. https://globalcybersecurityreport.com/2017/08/04/dhs-st-announces-commercialization-of-renigma-malware-reverse-engineering-tool/
▪ Malware?
▪ Abnormal code in PC, Web, Mobile
▪ Web Malware URL, Email, Mobile
Execution of Malware
APT Malware Detection 2
https://us-cert.cisa.gov/northkorea
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
▪ HIDS malware detection
▪ Host Intrusion Detection
1. Scan all PC disk NEW Files
2. Analyze Using “Reverse Engineering”
3. If Problems “RESTORE”
4. Delete malware
5. Add “Black List”
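The five HIDS steps above, worked through in Python as an added illustration; this is not code from the slides or from the HIDS product they describe. The reverse-engineering analysis of step 2 is replaced by a stand-in (hash blacklist plus one constructed byte signature), and all function names, the baseline/backup layout and the sample files are assumptions.

```python
import hashlib
import re
import shutil
import tempfile
from pathlib import Path

# Constructed signature for this example only. It stands in for the verdict
# that the slide's "Reverse Engineering" analysis would produce.
SIGNATURES = [re.compile(rb"DEMO-MALICIOUS-MARKER")]


def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()


def snapshot(root):
    """Map relative path -> SHA-256 for every file under root."""
    return {str(p.relative_to(root)): sha256(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def find_new_or_changed(root, baseline):
    """Step 1: files that are absent from the baseline or whose hash differs."""
    current = snapshot(root)
    return sorted(rel for rel, digest in current.items()
                  if baseline.get(rel) != digest)


def is_malicious(path, blacklist):
    """Step 2 (stand-in): known-bad hash, or a signature match in the bytes."""
    data = path.read_bytes()
    if hashlib.sha256(data).hexdigest() in blacklist:
        return True
    return any(sig.search(data) for sig in SIGNATURES)


def hids_pass(root, backup, baseline, blacklist):
    """Run steps 1-5 once and return the action taken for each candidate."""
    actions = []
    for rel in find_new_or_changed(root, baseline):
        target = root / rel
        if not is_malicious(target, blacklist):
            actions.append((rel, "allowed"))
            continue
        blacklist.add(sha256(target))          # step 5: remember the bad hash
        known_good = backup / rel
        if rel in baseline and known_good.is_file():
            shutil.copy2(known_good, target)   # step 3: restore a tampered file
            actions.append((rel, "restored"))
        else:
            target.unlink()                    # step 4: delete a dropped file
            actions.append((rel, "deleted"))
    return actions


def demo():
    """Constructed host tree: one tampered file, one dropped file, one benign."""
    with tempfile.TemporaryDirectory() as tmp:
        root, backup = Path(tmp, "host"), Path(tmp, "backup")
        root.mkdir()
        backup.mkdir()
        (root / "report.txt").write_bytes(b"quarterly numbers")
        shutil.copy2(root / "report.txt", backup / "report.txt")
        baseline = snapshot(root)
        blacklist = set()

        # Changes that appear after the baseline was taken.
        (root / "report.txt").write_bytes(b"quarterly numbers DEMO-MALICIOUS-MARKER")
        (root / "dropper.bin").write_bytes(b"\x00DEMO-MALICIOUS-MARKER\x00")
        (root / "notes.txt").write_bytes(b"meeting at 10")

        actions = hids_pass(root, backup, baseline, blacklist)
        restored = (root / "report.txt").read_bytes()
        remaining = sorted(p.name for p in root.iterdir())
        return actions, restored, remaining, len(blacklist)


if __name__ == "__main__":
    print(demo())
```

The blacklist is updated before the file is restored or deleted, so the hash recorded is that of the malicious content rather than of the clean copy.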
APT Malware Detection 3
https://us-cert.cisa.gov/northkorea
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
▪ PCDS
▪ Pre Crime Detection Satellite
1. Crawling Web Servers :
• 12 times 6M. 48 times 2 M
2. Analyzing in Regex in Full Depths
3. Update Black List : 200,000 Record
• Under 10,000
▪ In use at major domestic cloud providers
▪ Ransomware detection
Cyber Security Control 1
1. https://en.wikipedia.org/wiki/Comprehensive_National_Cybersecurity_Initiative
2. http://www.yes24.com/Product/Goods/40974900
▪ CNCI
▪ Comprehensive National Cybersecurity Initiative
• Governance
• Architecture
• Normal Profile
• Response Capability
Cyber Security Control 2
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
▪ Security Control
▪ Rules are used to check whether security controls are being followed
Cyber Security Control 3
국가 사이버보안 대응체계 혁신에 관한 연구 KAIST
▪ SPMS
▪ Security Performance (enhancement) System
Cost Benefit Analysis 1
1. Performance Measurement Guide for Information Security, https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-55r1.pdf
▪ Cyber Security Risk Management System
• Security Control Performance Measure
• Like SPMS : Raw Data collection
• Analysis of operational data
• Calculation of the attack success probability for each case
• Continuous monitoring of the cost of each case
Cost Benefit Analysis 2
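1. https://www.federaltimes.com/it-networks/2019/12/11/agencies-achieve-historic-results-on-new-modernization-scorecard/
• Score Card
• When the Score Card started in November 2015, there were F and D grades, and there were two B grades.
• The scorecard is a point-in-time snapshot. It provides results daily, and there is improvement in the modernization area.
• DHS saw the biggest improvement. It received an "A" in data center optimization and jumped from an overall "D-" to a "B".
• The State Department, the Nuclear Regulatory Commission, and the Social Security Administration all fell.
• Reporting structures have improved since the scorecard. By law, an agency CIO must report to the agency head or deputy.
• Only five agencies, the Department of Health and Human Services, Labor, Justice, State, and the NRC, did not meet this requirement. Overall scores did not improve. According to Carol Harris, director of IT management issues at the Government Accountability Office, three agencies have an "acceptable" CIO reporting model and 16 agencies have an appropriate structure.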
Conclusion
• Quantitative risk management system
• Risk Index = SUM(Control/Target Asset X 100)
• Score Card or Periodic Rule Check Data
• Daily Check :
• Web Apps Security and APT Malware Check
• World Best Tools : Bit Scanner and PCDS
1. https://msexperttalk.com/azure-security-center-cloud-security-posture-management/
A Client’s Security
C Class : 631/880
Add 1 Security Professional
1. https://www.nist.gov/itl/applied-cybersecurity/nice/nice-framework-resource-center
2. https://resources.infosecinstitute.com/keeping-your-cybersecurity-skills-relevant/#gref
1. Intrusion Detection:
2. Software Reverse-Engineering
3. Analytical Skills:
4. Risk Mitigation:
5. Cloud Security:
6. Incident Response:
7. Encryption Technologies:
8. Penetration Testing:
Add 2 Content of Future Book
I. Cyber Security Abstract
II. Strategy
III. Cyber Security Issues
IV. Penetration Test
V. IDS and Information Warfare
VI. Practical Case
Cyber Security Abstract
1. Strategy
2. Software Security
3. Cloud Security
4. US Cyber Security
5. Incident Case Analysis
6. Cyber Security Jobs
7. Penetration Strategy
8. APT Malware
9. Web Apps
10. Information Warfare
11. IDS
12. Security Measure
13. Risk Management

Weitere ähnliche Inhalte

Was ist angesagt?

QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
Risk Analysis Consultants, s.r.o.
 
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
SolarWinds
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Ulf Mattsson
 

Was ist angesagt? (20)

THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL  ELEMENT OF YOUR SECURITYTHE ESSENTIAL  ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITY
 
Solving the Asset Management Challenge for Cybersecurity (It’s About Time)
Solving the Asset Management Challenge for Cybersecurity (It’s About Time)Solving the Asset Management Challenge for Cybersecurity (It’s About Time)
Solving the Asset Management Challenge for Cybersecurity (It’s About Time)
 
Five critical conditions to maximizing security intelligence investments
Five critical conditions to maximizing security intelligence investmentsFive critical conditions to maximizing security intelligence investments
Five critical conditions to maximizing security intelligence investments
 
How can i find my security blind spots in Oracle - nyoug - sep 2016
How can i find my security blind spots in Oracle - nyoug - sep 2016How can i find my security blind spots in Oracle - nyoug - sep 2016
How can i find my security blind spots in Oracle - nyoug - sep 2016
 
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
 
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
 
Threat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a BreachThreat Exposure Management - Reduce your Risk of a Breach
Threat Exposure Management - Reduce your Risk of a Breach
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
 
Continuous Monitoring for Web Application Security
Continuous Monitoring for Web Application SecurityContinuous Monitoring for Web Application Security
Continuous Monitoring for Web Application Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
 
Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!
 
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
 
Stop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their TracksStop Account Takeover Attacks, Right in their Tracks
Stop Account Takeover Attacks, Right in their Tracks
 
Essentials of Web Application Security: what it is, why it matters and how to...
Essentials of Web Application Security: what it is, why it matters and how to...Essentials of Web Application Security: what it is, why it matters and how to...
Essentials of Web Application Security: what it is, why it matters and how to...
 
Cyber Security Threat Modeling
Cyber Security Threat ModelingCyber Security Threat Modeling
Cyber Security Threat Modeling
 
The Dynamic Nature of Virtualization Security
The Dynamic Nature of Virtualization SecurityThe Dynamic Nature of Virtualization Security
The Dynamic Nature of Virtualization Security
 
IBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy SectorIBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy Sector
 
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security Intelligence
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External Threats
 

Ähnlich wie Cost effective cyber security

How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
SecPod Technologies
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
Jyothi Satyanathan
 
Rational application-security-071411
Rational application-security-071411Rational application-security-071411
Rational application-security-071411
Scott Althouse
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
Ulf Mattsson
 

Ähnlich wie Cost effective cyber security (20)

How PCI And PA DSS will change enterprise applications
How PCI And PA DSS will change enterprise applicationsHow PCI And PA DSS will change enterprise applications
How PCI And PA DSS will change enterprise applications
 
Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetup
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptxEmphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
Emphasizing Value of Prioritizing AppSec Meetup 11052023.pptx
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
 
Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...
 
Cyber security series Application Security
Cyber security series   Application SecurityCyber security series   Application Security
Cyber security series Application Security
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo Nixu
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
 
Application security Best Practices Framework
Application security   Best Practices FrameworkApplication security   Best Practices Framework
Application security Best Practices Framework
 
Rational application-security-071411
Rational application-security-071411Rational application-security-071411
Rational application-security-071411
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security Essentials
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
 
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
 
Practical risk management for the multi cloud
Practical risk management for the multi cloudPractical risk management for the multi cloud
Practical risk management for the multi cloud
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015
 

Kürzlich hochgeladen

一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
F
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Monica Sydney
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Monica Sydney
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
ydyuyu
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
pxcywzqs
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
F
 

Kürzlich hochgeladen (20)

一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call GirlsMira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 

Cost effective cyber security

  • 1. Cost Effective Cyber Security Chaeho Lim skscogh@naver.com
  • 2. Abstracts 1 • Target : CIA(Confidentiality, Integrity, Availability) • 2 Major Cyber Security Controls • Protect Data Breach & Service Down • No Software Vulnerability and Abusing • No Web Apps Attacks and APT Malware Attacks • General Security Control Measure Enhancement • Set Up Security Controls 10 - 20 at least • Excellent Tools and Persons and Well Trained and Educated • Real Time Security Risk Management • With Cloud Computing 2020-08-25 비용효과적인 사이버보안 전략 2 Client ServerRequest Respond Client - Server Internet Exploit Vulnerable
  • 3.  Data Breach : 3.86 M USD • 524 Incident, 17 Countries and Industries • Malware Attacks 52% : Account(19%), Cloud(19%), SW(16%), Phishing(14%)  Major Security Control Up : Down to 2 M USD • Web APPS : Bit Scanner 100% • TCP/IP Web Detect, Internet. Mobile, IoT • Crawling, Attack Simulation. Recovery Codes • OWASP : SAST 82%, DAST : Real Attacks(No Guarantee) • APT Malware : PCDS & HIDS • PCDS : 현재 20만 Black List and Update(Regex Analysis) • HIDS : 각 PC Real Time Abusing Detect(Reverse Engineering) 2020-08-25 비용효과적인 사이버보안 전략 3 1. Cost of a Data Breach Report https://www.ibm.com/security/data-breach 2. https://www.ptsecurity.com/ww-en/analytics/web-vulnerabilities-2020/ Abstracts 2
  • 4. Contents 1. Data Protection 2. Major Security Items • Web Apps Vulnerabilities • APT Malware Abusing • Penetration Test 3. Cyber Security Controls • Set Up Security Controls • Security Control Data Gathering and Analyzing 4. Cost Benefit Analysis 5. Conclusion Add 1: Security Professionals Add 2: 2020-08-25 비용효과적인 사이버보안 전략 4 1. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf Risk Management Risk Intelligence Risk Event/Data Business Analyzing
  • 5. Data Protection 2020-08-25 비용효과적인 사이버보안 전략 5 1. https://www.slideshare.net/DataReportal/digital-2020-global-digital-overview-january-2020-v01-226017535/8- 9JAN2020SOURCES_POPULATION_UNITED_NATIONS_LOCAL 2. https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html 3. https://1c7fab3im83f5gqiow2qqs2k-wpengine.netdna-ssl.com/2015-wp/wp-content/uploads/2017/10/2017-Cybercrime-Report.pdf  Digital Internet Economy, 4.5 B Internet Users(59%)  Data Breach Incident : Privacy, intellectual property • Adobe, eBay, Equifax, Heartland Payment Systems LinkedIn, Marriott International, Yahoo  Cyber Terror : Service Down Attacks by North Korea • 320 Cyber Terror, 77DDOS, 125 Terror  More Internet Attack Space and Criminals • Web, Mobile and IoT Sensors • China, North Korea, Russia • Cyber Crime : 6 Trillians
  • 6. Data Protection 2020-08-25 비용효과적인 사이버보안 전략 6 1. https://www.ibm.com/security/data-breach  Cost 3.86 MD from 524 Data Breach Incidents  Health Care Industry, 280 Days to Detect • 150 USD cost/record • Security Controls Problem ; Technical Issues : 52%(Web, APT/Phishing) Attack 52% System 25% Person 23% China CERT Security Vulnerability Trends (Boan News)
  • 7. 2 Major Security Controls 1 2020-08-25 비용효과적인 사이버보안 전략 7 1. 해킹의 비밀을 푸는 KEY 15, http://www.yes24.com/Product/Goods/8358065 2. Advanced Persistent Threats: A Decade in Review, https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2011/C5_APT_ADecadeInReview.pdf 3. https://content.fireeye.com/apt/rpt-apt38  Pen Test via Contract Company  Find Web Apps Vulnerability  RAT Attack  Data Breach – Intellectual Property  Attack to Main Company Bank Penetration Test APT Malware Penetration Test Company Penetration Test Web Apps  Prepare APT Malware Code  Edit RAT Tools, Consult Virus Total  Email Using Social Engineering  Bypass ASS  30- 40 Victim PC, DB Manager  Critical Issues in AVS
  • 8. 2 Major Security Controls 2 2020-08-25 비용효과적인 사이버보안 전략 8 1. https://1c7fab3im83f5gqiow2qqs2k-wpengine.netdna-ssl.com/2015-wp/wp-content/uploads/2017/10/2017-Cybercrime-Report.pdf • Need Security Controls “Daily” • Web Apps Vulnerability Scan APT Malware Scan • Web 1.5 Billion Web Sites • Software 1,100 B New Codes • Contents 2020 96 Zeta Bytes • Dark Web Dark Web Crime Services There are 111 billion lines of new software code being produced each year — which introduces a massive number of vulnerabilities that can be exploited.
  • 9. Web Apps Security 1 2020-08-25 비용효과적인 사이버보안 전략 9 1. https://cwe.mitre.org/top25/archive/2020/2020_cwe_top25.html 2. http://www.opennaru.com/opennaru-blog/owasp-zap-devops-and-security/ 3. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
  • 10. Web Apps Security 2
    • From smartphone games and personal email accounts to international banking and hospital records, software is everywhere. It entertains, boosts efficiency, and even saves lives. Unfortunately, for every new program developed, there is likely a hacker ready to disrupt and exploit it. That’s why it is vital for software designers, developers, and cybersecurity experts to keep apprised of potential weaknesses that could cause substantial damage to their computer systems. – DHS
    • Korea made a model that considers all program vulnerabilities linked to TCP/IP HTTP web communication across the client-server Internet
      • Web HTTP with Web, Mobile and IoT
      • The client holds exploit code that attacks the vulnerable server
      • Uses attack simulation over HTTP
      • OWASP tools try SAST (82%) and DAST (no web service guarantee)
      • SDLC & DevOps model
    Sources:
    1. https://www.dhs.gov/science-and-technology/news/2019/11/26/snapshot-top-25-most-dangerous-software-errors
    2. Risk-management-based, cost-efficient real-time testing of web application software security vulnerabilities, http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
  • 11. Web Apps Security 3
    • “Similar services exist in Japan. But in the end, the reason I chose Korean tools was because of two advantages.” “First, it was too powerful compared to other services in terms of speed. As a result of testing on several company sites, the light scan service was completed in 8 minutes that other companies' products took more than 8 hours. Another advantage is that it does not damage the website at all while checking quickly.” - Director Masaharu Shirasugi, IWI Group, Japan
    • 50 times the speed (OWASP 8 hours, Light Scan Co., Ltd. 8 minutes)
    • SDLC vs DevOps framework
    • Server programs can be revised any time
    • OWASP tools: SAST 82%
    Sources:
    1. https://www.dailysecu.com/news/articleView.html?idxno=1308
    2. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
    3. https://www.ptsecurity.com/ww-en/analytics/web-vulnerabilities-2020/
  • 12. Web Apps Security 4
    • Diagram stages: Crawl, Attack Simulation, Structure Analysis, Report
    Sources:
    1. http://journalhome.ap-northeast-2.elasticbeanstalk.com/journals/jkiisc/digital-library/23308
  • 13. APT Malware Detection 1
    • Malware?
    • Abnormal code in PC, Web, Mobile
    • Web malware URL, email, mobile: execution of malware
    Sources:
    1. https://us-cert.cisa.gov/northkorea
    2. https://globalcybersecurityreport.com/2017/08/04/dhs-st-announces-commercialization-of-renigma-malware-reverse-engineering-tool/
  • 14. APT Malware Detection 2
    • HIDS malware detection
    • Host Intrusion Detection
      1. Scan all new files on the PC disk
      2. Analyze using "reverse engineering"
      3. If there are problems, "RESTORE"
      4. Delete malware
      5. Add to "Black List"
    Sources:
    • https://us-cert.cisa.gov/northkorea
    • https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
  • 15. APT Malware Detection 3
    • PCDS
    • Pre Crime Detection Satellite
      1. Crawling web servers:
         • 12 times: 6 M; 48 times: 2 M
      2. Analyzing with regex in full depth
      3. Update Black List: 200,000 records
         • Under 10,000
    • Currently used by major domestic cloud providers
    • Ransomware detection
    Sources:
    • https://us-cert.cisa.gov/northkorea
    • https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
  • 16. Cyber Security Control 1
    • CNCI
    • Comprehensive National Cybersecurity Initiative
      • Governance
      • Architecture
      • Normal Profile
      • Response Capability
    Sources:
    1. https://en.wikipedia.org/wiki/Comprehensive_National_Cybersecurity_Initiative
    2. http://www.yes24.com/Product/Goods/40974900
  • 17. Cyber Security Control 2
    • Security Control
    • Rules are used to check whether the security controls are being followed
    Sources:
    • https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
  • 18. Cyber Security Control 3
    • SPMS
    • Security Performance (enhancement) System
    Sources:
    • A Study on Innovating the National Cyber Security Response System, KAIST
  • 19. Cost Benefit Analysis 1
    • Cyber Security Risk Management System
      • Security control performance measure
      • Like SPMS: raw data collection
      • Analysis of operational data
      • Calculation of the attack success probability for each case
      • Continuous monitoring of the cost of each case
    Sources:
    1. Performance Measurement Guide for Information Security, https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-55r1.pdf
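  • 20. Cost Benefit Analysis 2
    • Score Card
    • When the Score Card started in November 2015, there were Fs and Ds, and there were two Bs.
    • The scorecard is a point-in-time snapshot. It provides results daily and is improving in the modernization area.
    • DHS saw the biggest improvement. It received an "A" in data center optimization and jumped from an overall "D-" to a "B".
    • The State Department, the Nuclear Regulatory Commission and the Social Security Administration all fell.
    • The reporting structure has improved since the scorecard. By law, an agency CIO must report to the agency head or deputy.
    • Only five agencies (Health and Human Services, Labor, Justice, State and the NRC) did not comply with that requirement. Overall scores did not improve. According to Carol Harris, director of IT management issues at the Government Accountability Office, 3 agencies have an "acceptable" CIO reporting model and 16 agencies have an appropriate structure.
    Sources:
    1. https://www.federaltimes.com/it-networks/2019/12/11/agencies-achieve-historic-results-on-new-modernization-scorecard/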
  • 21. Conclusion
    • Quantitative risk management system
      • Risk Index = SUM(Control/Target Asset X 100)
      • Score Card or periodic rule check data
    • Daily check:
      • Web Apps security and APT malware check
      • World best tools: Bit Scanner and PCDS
    • Figure: A client's security, C class: 631/880
    Sources:
    1. https://msexperttalk.com/azure-security-center-cloud-security-posture-management/
  • 22. Add 1 Security Professional
    1. Intrusion Detection
    2. Software Reverse-Engineering
    3. Analytical Skills
    4. Risk Mitigation
    5. Cloud Security
    6. Incident Response
    7. Encryption Technologies
    8. Penetration Testing
    Sources:
    1. https://www.nist.gov/itl/applied-cybersecurity/nice/nice-framework-resource-center
    2. https://resources.infosecinstitute.com/keeping-your-cybersecurity-skills-relevant/#gref
  • 23. Add 2 Content of Future Book
    I. Cyber Security Abstract
    II. Strategy
    III. Cyber Security Issues
    IV. Penetration Test
    V. IDS and Information Warfare
    VI. Practical Case
    Cyber Security Abstract
    1. Strategy
    2. Software Security
    3. Cloud Security
    4. US Cyber Security
    5. Incident Case Analysis
    6. Cyber Security Jobs
    7. Penetration Strategy
    8. APT Malware
    9. Web Apps
    10. Information Warfare
    11. IDS
    12. Security Measure
    13. Risk Management
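
The HIDS steps listed on slide 14 (scan new files, analyze, delete, add to the black list), as an added sketch that is not code from the deck or from the product it describes. Assumptions: a byte-signature match stands in for the reverse-engineering analysis, the restore step is not modeled, and every function name and sample file here is constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def snapshot(root):
    """Known-good baseline: relative path -> SHA-256 for every file under root."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in Path(root).rglob("*") if p.is_file()}

def analyze(path, signatures):
    """Stand-in for step 2 (assumption): flag files holding a known byte signature."""
    data = path.read_bytes()
    return any(sig in data for sig in signatures)

def scan_new_files(root, baseline, blacklist, signatures):
    """Steps 1, 2, 4, 5: find new or changed files, analyze, delete, blacklist."""
    removed = []
    for rel, digest in sorted(snapshot(root).items()):
        if baseline.get(rel) == digest:
            continue  # present and unchanged since the baseline
        path = Path(root, rel)
        if digest in blacklist or analyze(path, signatures):
            path.unlink()          # step 4: delete the malware
            blacklist.add(digest)  # step 5: remember it for later scans
            removed.append(rel)
    return removed

def demo():
    """Constructed sample files only; the marker below is not a real signature."""
    marker, blacklist = b"CONSTRUCTED-SAMPLE-MARKER", set()
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "report.txt").write_bytes(b"quarterly numbers")
        baseline = snapshot(root)
        (root / "notes.txt").write_bytes(b"meeting notes")
        (root / "dropper.bin").write_bytes(b"\x00\x01" + marker)
        first = scan_new_files(root, baseline, blacklist, [marker])
        (root / "again.bin").write_bytes(b"\x00\x01" + marker)  # same bytes, new name
        second = scan_new_files(root, baseline, blacklist, [])  # blacklist only
        remaining = sorted(p.name for p in root.iterdir())
        return first, second, remaining, len(blacklist)

if __name__ == "__main__":
    print(demo())
```

The second scan runs with no signatures at all, so the renamed copy is caught only because its hash was added to the black list in the first pass.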